I think that it is even worse than that. In a decade or two, we are going to learn the many cases of sexual abuse that this surveillance facilitated. To give such an absolute power to adults over other people's children never ends well. And the kind of person that wants to spy on kids and teenagers 24/7 is the kind of person that should not be allowed to work with them.
> Over the next 15 days, the school district captured at least 210 webcam photos and 218 screenshots. They included photos inside his home of Robbins sleeping and of him partially undressed, as well as photos of his father. The district also snapped images of Robbins' instant messages and video chats with his friends, and sent them to its servers.
> "Many of the images captured and intercepted may consist of images of minors and their parents or friends in compromising or embarrassing positions, including, but not limited to, in various stages of dress or undress," the lawsuit charges.
A more plausible scenario is trying to sue the kids for indecency or similar.
Then there is this illusion, of setting up something oneself, as an institution, being super difficult.
Schools could easily rent a decent server, costing something like 40-80 dollar/euro per month and protect their students. They do have an computer/IT/informatics teacher, who studied computer stuff, hopefully. If not, they could hire someone to do it, the country / state could finance it, or they could even get a talented student to set it up for them. The setup itself is really not that difficult and takes an afternoon or without much prior knowledge perhaps 2 days. And really, if it is a money question, just ask parents to donate and the school will be covered. No unsolvable problem at all.
Universities easily have the cash to rent servers and usually have IT people in employment as well, who manage all sorts of stuff. It should be an easy task for them to set up a privacy preserving text, voice and video chat.
Then you have the problem, that I experienced myself, when I wanted to make it happen for schools, contacting someone I know at a school: There is bureaucracy in the way, which demands a uniform solution for schools. Which results in using a centralized service provider, because the whole country (!) does not manage to set up the infrastructure for its students. Just imagine that. A whole country, incapable of setting up privacy preserving solutions for students, all the while everyone is whining about bad online teaching during the pandemic. Somehow this makes me doubt their motivation and willingness to solve the problem.
Unfortunately most people are not informed about the issues and choose to continue being uninformed that way. They do not want to deal with ethical questions and rather want to throw money at the problem, by purchasing licenses for surveillance products.
All it takes is people caring.
Raising kids being spied on is going to create a generation of spiritual fugitives and compromised, sadistic adult administrators. I could see home schooling being the next big tech platform trend, like a Montessori system with a way for parents to co-ordinate.
I forced my own equipment and they tried to install and reinstall various spyware throughout the year.
It seems like rather than proposing a basic system of assignments and material and grades, they are trying to treat as a wholly owned ecosystem.
This is also one of the things that frustrates me about “work computers” but at least they have a bit more claim since work computers are tools for work while school should be about learning.
This enables "keybridging" mitm attacks on any TLS connection that trusts the cert. Best load a 3rd-party browser and install it locally, rather than compromise the whole device.
Breaking PKI by installing fake CA certs so that IT can MITM every connection is now an Enterprise Best Practice (tm).
In case the sarcasm isn't evident, please read the above as sarcastic. I detest admins who do this.
This is absolutely a best practice in some corporate environments for DLP. There's no better way to ensure sensitive data isn't being exported via TLS connections.
There is no reason, however, to do this to a child's device. Their teacher and their parents should have a grasp on this, not a school IT department, third-party contractor, government or worse.
No, it's not, and this attitude is a major cause of resentment among technical employees.
The "DLP" industry, in general, is a solution in search of a cause. If you can't trust your employees, you'll never be able to stop the determined ones.
Just install the cert on one device (either school issued or Firefox on a BYOD device since it keeps its own cert store that doesn’t affect the rest of the system) and use that for browsing on school Wi-Fi if your paranoid. In my experience, school IT has other things to do than to watch what your browsing without cause.
(Yes, this practice sucks. But it’s the only way for them to implement the legally mandated filtering in a way they can guarantee it is working.)
Some people got in trouble for having learned about it and misusing it though >_<
I really like this point. I think it's true but not obvious.
My own kids are done, but I have my granddaughter to raise. (Rough, but she is great and will probably make me live longer, so no worries.)
This is going to be a fight! That level of surveillance is unacceptable. I have no plan yet, but will in a year or so. Guess it is wake up call time.
Seriously, I look back at my upbringing and what I was able to do for my kids, and shudder. I cannot imagine this ends well.
Can you? Seriously. Anyone want to talk me down, or just talk?
School the institution was not a very good place when I was there. It was not actually conducive to learning, peer influences were in general negative, authority figures were often abusive or at the very least ambivalent, and a sense of silent acquiescence to any authoritative demand was ingrained to the point that it takes young people years of their early adulthood to break this and begin building their own lives how they want them. Many of my peers went into massive debt on the presupposition that authority figures know what's best and that the institutional structure will look out for them, and I believe this is the direct result of the basically authoritarian environment they were raised in.
And this, all I had to deal with were grainy cameras in the halls and police writing children tickets. From what I hear from people younger than me, it is much worse now.
A lot of what you said, is what my own kids said. It's amazing how much it has degraded.
This batch of kids are going to have it rough.
Edit: I am gonna start with Faraday Cage. Thanks.
Right now, we are doing lots of basic science.
She did ask how the cellphone works.
When she can understand something about radio, yeah. Cell phone does not answer in here, why?
Right now, it is TikTok. Fun!
As far as I know, there’s no legal equivalent to HIPAA(which itself only scratches the surface of things) for ensuring the data and logs of these invasive systems stays under tight supervision.
Now add in the fact that the people monitoring these systems may have an infinite amount of their own selfish agendas in mind for what to do with the information they gather… well, this will end poorly.
Children are always likely to learn something about themselves that displeases their parents. This can be anywhere from sexual orientation to religious inclinations. As a society we can and should enable this exploration - it only makes for a better outcome. Any society that can ongoingly say that critical thinking has led to the desired outcome is like (IMHO) to succeed and grow.
I fail to understand how we've moved from free speech to lack of privacy in such a short period of time. Today in many places, people are arrested for covering their faces in public - though not in the winter where such gear is warranted. People are arrested for expressing views (frequently violently, but not always) that are aligned with many, and abhorrent to others. Privacy would and should allow such exploration.
To me this is fundamental we ought be teaching, much like basic finance. Bother are important to get through life, and the ripple effects will be enormous. Clearly I have a bias.
The US supposedly already decided on this in the 4th amendment:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
It's apparent how authoritarian regimes can abuse this, and it's becoming more common that incompetence or hacking can allow all this information to become public.
There are a lot of motivations for private businesses to collect as much information as they can, just in case they might be able to use it in the future.
Thursday of last week a solicitor came up to my door. Didn't knock. Leaned their electric scooter against my house, and was "working" on their tablet. I was just getting home and after parking I passed them and mentioned that I wasn't interested in what they were selling. They said "yeah, I saw the No Soliciting sign so I didn't knock, but they are also having us run a scan."
They were completely unaware of how creepy that is and how obtrusive it can be. I played it cool, even though I was irate. They actually showed me the interface and it scanned for wifi and bluetooth devices and recorded ids, etc. My address and photos of my house were on the screen as well. (Public information, I know, but still creepy.)
Apparently there's a market for knowing what brand of wireless computing equipment people have on site. Imagine that. They worked for a company selling home security, smart home devices, and bug extermination service. My my.
It wasn't every house. They had a queue to go through. Apparently I'm a "valuable" target, people. :)
In the meantime we want to keep our shoes on at the aiport so we actually pay the government and agree to let them perform ongoing, perpetual background searches on us "to maintain eligibility". :)
My usual reply to that is: "ok, what is your salary, and what is in your bank account?"
Instead, ask them if they're fine with surveillance cameras in their home that record them jerking off or taking a shit.
Most people wouldn't be happy about that. Most privacy invasions are too subtle and the dangers too abstract to make them care. But almost all agree that cameras in the bathroom is past the line.
I usually reply to the Myth #1 with "BECAUSE IT'S NONE OF YOUR FUCKING BUSINESS!"
Really guys, you don't have to know my age, gender, religion, browsing history and klick behavior to sell me a bottle of soda.
And for reading a government website or browsing a catalog of goods, you don't need to know aything about me.
It's reasons like this that I've started to eliminate what little online footprint my meat-person has now, while I can. At issue is the fact that I cannot delete my HN profile, nor go back and delete posts. I find that troublesome.
Well this is just plain a massive rewrite of history. The Nazi's were not in anyway covert about who they were going after, and they enjoyed broad popular support to do it.
"Privacy" doesn't mean a whole lot when the actual metric of oppression was "we're going to grab everyone who goes into that church over there".
Can't find the exact source, but there was this story about some French (?) town keeping a list of Jews in their documents, for no real reason. It's a piece of data - better to have it than not, right? Might be useful some day. Nazis certainly thought so when they occupied the town and got hold of the list.
Fascism targets "the other".
It won't be the solution. Actually it won't solve anything.
Schools I am familiar with are managed in a very top-down way, so it's hard to see at what point teachers could push effectively. They are not likely to be involved in purchasing the hardware, selecting the software, or choosing (surveillance) vendors.
You could argue that the teacher's union could be spearheading the pro-privacy push. I would support that, but it might be kind of far from the "core business" of the union. There are areas with a greater and clearer short-term impact my city's local teacher's union has choosen (e.g., internet access for low-income students).
I thought it would get better when I got older, but company Internet is also monitored and controlled through a proxy (ZScaler).
More egregious spying does frustrate me, because it breaks down trust (e.g. my mum reading my emails, or ex-girlfriend lying about having read my emails despite web history proving otherwise).
It does cause a chilling effect, especially when discipline is involved (punishment at a volunteer group for a humorous social media post means I don't post much online any more). I can't install a local web server on the company PC, and didn't even get admin privileges by default. Therefore my creativity has shifted towards hardware, because it's less restrictive.
These policies are not new, they're supported by management/HR/ICT who (perhaps correctly) assume that most people don't know what they're doing, and try to keep people "safe". There are causes worth fighting for, but privacy on other peoples' computers is a privilege that I've given up hope about changing.
To keep it focused on technology though, schools are super interesting - physical security is routinely violated. The iPhone really needs a dual-password mode, or some similar strategy, to protect its users.
Ever increasing spyware, tracking this, recognition that, useless recommendations, ads everywhere I look.
This stuff is eating me up.
EDIT: I also randomized my MAC address while using the school network using a script I wrote during a free period
The worrying bit is that most gen-Zers have a radically different and weakened view of digital privacy. They are more than happy to use services with bad privacy track records just because "their friends are on it", network effects trump everything else. They self-censor constantly and mistakenly think that perceived impermanence (e.g. Snapchats, or Instagram stories) means things would be deleted forever. They happily share passwords with romantic partners, even viewing grades (!) (despite constant stories of blackmailing after breaking up), constantly reuse passwords, don't have TFA, the list goes on. Out of convenience, secondary schools use services like GSuite, but in doing so they condition the next generation of people to increasingly give up their privacy.
At one point I tried to deactivate my Facebook account, but the day after, ran into problems because my clubs were using it as a proto-Slack platform, so I bit the bullet and continued using it.
Now that many of us are in university, the surveillance gets more ridiculous, especially in a pandemic. Most notably, I've heard friends complain of software that tracks your eye and body movement, audio, video and screen while taking a test. Fortunately for me the most I've had to do is join a Zoom call while the (human) professor proctors.
More hacker culture-minded types take more precautions, but it is sadly an extremely minority opinion, IME.
What's the goal here?
How does tracking everything a student does help them and how can they justify wasting time and money on this?
However, this is in fact a real problem. Our district forced very obtrusive monitoring and blocking software, as well as literal bloat to be installed on the chromebooks - there's like 20 browser extensions that cannot even be turned off, making the already low performing chromebooks so laggy that it's hard to use. Obvious "bad sites" like pirate bay, porn, and etc are understandably blocked, but they also block access to "social media" like reddit and discord.
This doesn't sound that bad yet. The problem comes when students use their own devices instead of the school provided ones. Some sites and services are still blocked at the internet level, but can by bypassed easily. This means that, students with own laptops could communicate with each other using services that chromebook students cannot access. This means that students from families with lower income or with more siblings literally get blocked out of friend groups, with access only to heavily monitored google chat. During distance learning, this problem has only been made worse.
Additionally, district chromebooks are absolutely no less distracting with the various censorship and monitoring and bloat - kids would still much rather browse the limited internet than pay much attention in class. I think there was some study that showed laptops drastically reduced student's academic performance on average. (Though I think access to computer is really powerful for learning how to access internet resources and developing actual knowledge.)
TLDR my opinion and experience on technology + kids
They all got "enterprise enrollment" feature that makes them kinda useless. Pretty much impossible to reinstall OS, and believe me, lots of people have tried.
Perhaps I date myself with that recommendation, but I consider it an important reading.
Why are kids, the ones we're supposed to protect, being used as lab rats here? (Rhetorical—it's because they have no agency and the parents are kept at arm's length. Near-perfect conditions for abuse of power, however well-intentioned.)
What if the student government could declare no confidence in the school administration and have them removed? Would at the very least get more kids interested in civics.
The problem is the school system, and people with a patronising ideal of what the State or affiliated companies should be able to do.
More and more happy to be living in the EU where this kind of surveillance nonsense can't be implemented as easily as in other parts of the world, thanks to privacy laws.
But, it may indeed have to be addressed at the legislative level. I have dim hopes for US legislation forcing anybody to un-spy on innocent people.
We should teach kids to game these systems. Eventually they would do so anyway. The surveillance abuse that already happened is just a small example of what future pupils have to content with.
That being said, it’s only acceptable IMO when:
1. It’s only on school-issued equipment.
2. It’s only during hours when the school is responsible for the pupil.
3. What’s being monitored and recorded is stated explicitly in and limited to a document that is distributed to students and parents when the equipment is issued.
4. When screen grabbers or Remote Desktop are used, the student is given some kind of obvious on-screen warning that they are being surveiled in real time.